additional checks for auth token

author: Maxim Devaev <[email protected]> 2024-01-08 21:45:30 +0200
committer: Maxim Devaev <[email protected]> 2024-01-08 21:45:30 +0200
commit: f355c38fe18968475bce1b04b1b1b22fae37ff23 (patch)
tree: afebf3c38200934d86039d9a883bbc01cf1f3f50
parent: 4457187a8655743d2c7d0c9e643fd91c29b4aaad (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/kvmd/apps/kvmd/auth.py b/kvmd/apps/kvmd/auth.py
index 8b0d104d..4571884b 100644
--- a/kvmd/apps/kvmd/auth.py
+++ b/kvmd/apps/kvmd/auth.py
@@ -120,13 +120,20 @@ class AuthManager:
             for (token, token_user) in self.__tokens.items():
                 if user == token_user:
                     return token
-            token = secrets.token_hex(32)
+            token = self.__make_new_token()
             self.__tokens[token] = user
             get_logger().info("Logged in user %r", user)
             return token
         else:
             return None
 
+    def __make_new_token(self) -> str:
+        for _ in range(10):
+            token = secrets.token_hex(32)
+            if token not in self.__tokens:
+                return token
+        raise AssertionError("Can't generate new unique token")
+
     def logout(self, token: str) -> None:
         assert self.__enabled
         user = self.__tokens.pop(token, "")
author	Maxim Devaev <[email protected]>	2024-01-08 21:45:30 +0200
committer	Maxim Devaev <[email protected]>	2024-01-08 21:45:30 +0200
commit	f355c38fe18968475bce1b04b1b1b22fae37ff23 (patch)
tree	afebf3c38200934d86039d9a883bbc01cf1f3f50
parent	4457187a8655743d2c7d0c9e643fd91c29b4aaad (diff)